import java.nio.charset.StandardCharsets;
import java.security.SecureRandom;
import java.security.Security;
import java.util.logging.Level;
import java.util.logging.Logger;
import javax.crypto.Cipher;
import javax.crypto.KeyGenerator;
import javax.crypto.SecretKey;
import javax.crypto.spec.IvParameterSpec;
import javax.crypto.spec.SecretKeySpec;
import org.apache.commons.codec.binary.Base64;
import org.bouncycastle.jcajce.provider.symmetric.AES;
import org.bouncycastle.jce.provider.BouncyCastleProvider;

public class AESUtil {
  static {
    Security.addProvider(new org.bouncycastle.jce.provider.BouncyCastleProvider());
  }

  public static final  String VIPARA            = "1234567890abcdef";   //AES 128位数据块对应偏移量为16位

  private static final String KEY               = "******";  //AES 16位

  //AES：加密方式   CBC：工作模式   PKCS5Padding：填充模式
  private static final String CBC_PKCS5_PADDING = "AES/CBC/PKCS5Padding";

  private static final String AES               = "AES";

  /* AES 加密操作
   * @param content 待加密内容
   * @param key     加密密钥
   * @return 返回Base64转码后的加密数据
   */
  public static byte[] encrypt(byte[] content, String key) {

    if (content == null) {
      return content;
    }
    try {
      /*
       * 新建一个密码编译器的实例，由三部分构成，用"/"分隔，分别代表如下
       * 1. 加密的类型(如AES，DES，RC2等)
       * 2. 模式(AES中包含ECB，CBC，CFB，CTR，CTS等)
       * 3. 补码方式(包含nopadding/PKCS5Padding等等)
       * 依据这三个参数可以创建很多种加密方式
       */
      Cipher cipher = Cipher.getInstance(CBC_PKCS5_PADDING);
      //偏移量
      IvParameterSpec zeroIv = new IvParameterSpec(VIPARA.getBytes(StandardCharsets.UTF_8));
      //使用加密秘钥
//            SecretKeySpec skeySpec = new SecretKeySpec(key.getBytes(CODE_TYPE), AES);
      SecretKeySpec skeySpec = getSecretKey(key);
      cipher.init(Cipher.ENCRYPT_MODE, skeySpec, zeroIv);// 初始化为加密模式的密码器
      byte[] result = cipher.doFinal(content);// 加密
      return Base64.encodeBase64(result);//通过Base64转码返回
    } catch (Exception ex) {
      Logger.getLogger(AESUtil.class.getName()).log(Level.SEVERE, null, ex);
    }
    return null;
  }

  /* AES 解密操作
   * @param content
   * @param key
   */
  public static byte[] decrypt(byte[] content, String key) {

    if (content == null) {
      return content;
    }
    try {
      Security.addProvider(new BouncyCastleProvider());
      //实例化
      Cipher          cipher = Cipher.getInstance(CBC_PKCS5_PADDING,new BouncyCastleProvider());
      IvParameterSpec zeroIv = new IvParameterSpec(VIPARA.getBytes(StandardCharsets.UTF_8));
//            SecretKeySpec skeySpec = new SecretKeySpec(key.getBytes(CODE_TYPE), AES);
      SecretKeySpec skeySpec = getSecretKey(key);
      cipher.init(Cipher.DECRYPT_MODE, skeySpec, zeroIv);
      return cipher.doFinal(Base64.decodeBase64(content));
    } catch (Exception ex) {
      Logger.getLogger(AESUtil.class.getName()).log(Level.SEVERE, null, ex);
    }
    return null;
  }

  // 生成加密秘钥
  private static SecretKeySpec getSecretKey(final String key) {
    //返回生成指定算法密钥生成器的 KeyGenerator 对象
    try {
      KeyGenerator kg = KeyGenerator.getInstance(AES);
      //AES 要求密钥长度为 128
      SecureRandom secureRandom = SecureRandom.getInstance("SHA1PRNG");
      secureRandom.setSeed(key.getBytes());
      kg.init(128, secureRandom);
      //生成一个密钥
      SecretKey secretKey = kg.generateKey();
      return new SecretKeySpec(secretKey.getEncoded(), AES);// 转换为AES专用密钥
    } catch (Exception ex) {
      Logger.getLogger(AESUtil.class.getName()).log(Level.SEVERE, null, ex);
    }
    return null;
  }

}